"Verify your facebook account" spam steals authentication token

on Thursday, October 04, 2012

A few days after the Miley Cyrus Facebook spam, there is a new spam that lures users into providing their authentication token. Today, I got a notification that one of my friends had tagged me in a photo. So I took a look at the post; it has a picture with the title "verify your facebook account at [tiny_url]".

" Attention Please!
WARNING: Announcement from FACEBOOK Verificatio Team. All profile Must be verified Before OCTOBER 2012 To Avoid Scams and Scams under SOPA ACT. The unverfied Accounts will be Terminated.

Verify your account using the link given in description", the message written in the picture reads.

Yes, it is none other than spam similar to the previous one, but the concept has changed.

I was curious to visit the link. It redirected me to a page "50.0x11.162.0xcf?id=57421560". I was surprised to see the URL; it has some hex values in the IP. I converted it to decimal and got this IP: "50.17.162.207".

This page redirected me to a page "ilovemyiphone.mobi/r/". Furthermore, it redirected me to "facebook.com.cfbi.info".

Finally, it landed me on the scam site, where it asked me to copy and paste my authentication token. Why not? I gave it the access token. Hope you know what happened next. Yes, it posted the spam message on my wall. :)